My tint2 config

Head_on_a_Stick · 2025-01-23 17:00:30

greenjeans wrote:

clock_rclick_command = gksu.sh 'lxterminal -e dpkg-reconfigure tzdata'

Running the entire terminal emulator as root is a bit extreme for a shell command.

Try

clock_rclick_command = 'x-terminal-emulator -e sudo dpkg-reconfigure tzdata'

EDIT: deadbang uses .desktop files to run stuff like that from the Debian menu system, here's my timezone configurator:

https://git.sr.ht/~head_on_a_stick/dead … ne.desktop

Last edited by Head_on_a_Stick (2025-01-23 17:03:04)

greenjeans · 2025-01-23 17:08:21

Thanks HOAS but I don't use sudo at all on anything, have always used su ever since I started with Linux.

Head_on_a_Stick · 2025-01-23 17:09:00

It would work with su as well

EDIT:

clock_rclick_command = 'x-terminal-emulator -e su -c "dpkg-reconfigure tzdata"'

Last edited by Head_on_a_Stick (2025-01-23 17:10:24)

greenjeans · 2025-01-23 17:18:11

Using a .desktop was my first thought, but wanted to keep menu entries to a minimum. This worked out nicely as a right-click function of the clock as it's all about time, clock/calendar/change timezone.

Not sure about why it's "extreme"? It's worked well for the last 8 years for me...

Head_on_a_Stick · 2025-01-23 17:22:01

It is generally considered good practice to minimise the code run under elevated privileges.

https://en.wikipedia.org/wiki/Principle … _privilege

EDIT: or do you prefer to https://www.garyshood.com/root/?

EDIT2: and in respect of gksu.sh, note that comments before the shebang will cause the shebang not to be parsed. I suspect your script may actually be running with /bin/sh, so it's a good thing you've used POSIX tests rather than actual bash tests

And watch the quoting for your variables: https://www.shellcheck.net/ is great for linting scripts, I use it myself all the time.

Last edited by Head_on_a_Stick (2025-01-23 17:32:48)

greenjeans · 2025-01-23 17:29:45

Lol, no but I used to run Puppy Linux way back in the day, so yeah I spent a fair amount of time running as root.

Philosophically: If It is generally considered good practice to minimise the code run under elevated privileges, due to security reasons, wouldn't it also be a more secure practice to not give a user elevated privileges in the first place via sudo?

^^Old can of worms here, maybe we shouldn't open it?

johnraff · 2025-01-24 05:44:35

greenjeans wrote:

If It is generally considered good practice to minimise the code run under elevated privileges, due to security reasons, wouldn't it also be a more secure practice to not give a user elevated privileges in the first place via sudo?

Yeh of course it would be more secure if nobody ever had to run commands as root...

When Ubuntu (I think it was) first popularised sudo there were a lot of complaints. These days I think even Debian devs generally approve of it.

(You opened the can.)

Head_on_a_Stick · 2025-01-24 15:05:48

doas ftw!

Last edited by Head_on_a_Stick (2025-01-24 15:06:16)

greenjeans · 2025-01-24 15:45:25

Head_on_a_Stick wrote:

doas ftw!

NO! Follow the su, the SU!

SU=

Smart, Uncomplicated

Simple, Universal

You too, can be a SUPER USER (if only for a moment).

greenjeans · 2025-02-25 21:09:27

greenjeans wrote:

ceeslans wrote:
ehhh : gksu ?
Hi, that's not actually gksu, I do have older stuff around here that I use gksu on, so I named that particular gksu.sh both to remind my old forgetful self what it does, and the .sh to remind me it's not actually gksu.
It's a small script for authentication that translates what should be a normal request into the gibberish you have to enter to get pkexec to work on random stuff. I hate pkexec, always have. I have some file-manager extensions and other stuff I use this with.
Since "pkexec (random script)" doesn't work unless you jump through some hoops, I did this as a workaround so that you just have to use "gksu.sh (random script), and it works fine.
# Script to convert gksu to pkexec for extensions already written
# without adding a lot of code to the .desktop command line.
# Usage: "gksu.sh [program]"

#!/bin/bash
if [ -z $1 ]; then
 echo -e "at least 1 argument required!\n" >> /dev/stderr
 exit 1
fi
COMMAND=$1
shift #shift first arg
for ARG in "$@"
do
 if [ -z "$ARGS" ]; then
  ARGS="$ARG"
 else
  ARGS="$ARGS $ARG"
 fi 
done
ARGS=\'$ARGS\'
eval pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY $COMMAND $ARGS
exit 0

I had forgotten completely where I got that, been using it for a long time, but was checking my bookmarks trying to weed out the old ones I didn't need, and found where I got that script.

Here at the BL forum, lol. https://forums.bunsenlabs.org/viewtopic.php?id=7248

Thank you @sleekmason !

greenjeans · 2025-02-25 21:27:49

Head_on_a_Stick wrote:

It is generally considered good practice to minimise the code run under elevated privileges.
https://en.wikipedia.org/wiki/Principle … _privilege
EDIT: or do you prefer to https://www.garyshood.com/root/?
EDIT2: and in respect of gksu.sh, note that comments before the shebang will cause the shebang not to be parsed. I suspect your script may actually be running with /bin/sh, so it's a good thing you've used POSIX tests rather than actual bash tests
And watch the quoting for your variables: https://www.shellcheck.net/ is great for linting scripts, I use it myself all the time.

Well dang, just now read your edits to this post. Yeah I just copy/pasted the script as it was and added the description to remind myself what it does, never even paid attention to the bin/bash, I always use bin/sh so my scripts will use dash.

I have shellcheck on my machine too, but never ran it through there, in fact just started using shellcheck last year. It worked great the first time I tried it so never questioned it.

Actually didn't even know about the no comments before the shebang thing, that should tell you about my level of skill, lol, I never even messed around with shellscript until 2017 when I dove in somewhere in the middle trying to write scripts to re-size/rotate images.

Going to take a look at 'em now, will move the comments and try /bin/sh and see if they still work.

*sigh* You are making me work HOAS doggone it.

(thank you!)

johnraff · 2025-02-26 04:22:54

^Come to think of it, 'eval' can be dangerous, especially if it's being passed arguments from outside the script, as in this case.

I don't think it's necessary though:
https://forums.bunsenlabs.org/viewtopic.php?id=9115
https://forums.bunsenlabs.org/viewtopic … 51#p137451

Head_on_a_Stick · 2025-02-26 13:40:29

greenjeans wrote:

the no comments before the shebang thing

It can change the script behaviour significantly:

~$ cat > test <<!
> #!/bin/cat
> echo hello
> !
~$ chmod +x test
~$ ./test
#!/bin/cat
echo hello
~$ file test                  
test: a /bin/cat script, ASCII text executable
~$ gsed -i '1i # comment' test
~$ file test                   
test: ASCII text
~$ ./test 
hello
~$

greenjeans · 2025-02-26 16:26:27

I miss gksu.

Last edited by greenjeans (2025-02-26 17:52:22)

greenjeans · 2025-02-26 18:02:31

So yeah, shellcheck was not happy until I double-quoted-all-the-things.

And it may not be quite the right way to do things, but I saw no real need for the first part as there will always be an argument supplied, I only use this for a couple right-click extensions and changing tzdata. Plus echo was problematic with the change I made to /bin/sh , need to study up a little more today I guess.

I also tried dumping the eval command, but that introduced some weird errors.

So here's current version which seems to work really well, in fact a couple error messages in terminal that were there when changing tzdata no longer occur, nice and clean now.

#!/bin/sh
# Script to convert gksu to pkexec for extensions already written
# without adding a lot of code to the .desktop command line.

COMMAND=$1
shift #shift first arg
for ARG in "$@"
do
 if [ -z "$ARGS" ]; then
  ARGS="$ARG"
 else
  ARGS="$ARGS $ARG"
 fi 
done
ARGS=\'$ARGS\'
eval pkexec env DISPLAY="$DISPLAY" XAUTHORITY="$XAUTHORITY" "$COMMAND" "$ARGS"
exit 0

#101 2025-01-23 17:00:30

Re: My tint2 config

#102 2025-01-23 17:08:21

Re: My tint2 config

#103 2025-01-23 17:09:00

Re: My tint2 config

#104 2025-01-23 17:18:11

Re: My tint2 config

#105 2025-01-23 17:22:01

Re: My tint2 config

#106 2025-01-23 17:29:45

Re: My tint2 config

#107 2025-01-24 05:44:35

Re: My tint2 config

#108 2025-01-24 15:05:48

Re: My tint2 config

#109 2025-01-24 15:45:25

Re: My tint2 config

#110 2025-02-25 21:09:27

Re: My tint2 config

#111 2025-02-25 21:27:49

Re: My tint2 config

#112 2025-02-26 04:22:54

Re: My tint2 config

#113 2025-02-26 13:40:29

Re: My tint2 config

#114 2025-02-26 16:26:27

Re: My tint2 config

#115 2025-02-26 18:02:31

Re: My tint2 config

Board footer